How to Build Secure Mobile Apps That Keep User Data Safe

April 1, 2016 - 3 minutes read

VR may have ruled the product side of this year’s SXSW Interactive, but security was the public issue most on the minds of iPhone app developers. The recent Apple vs. FBI court case over encryption very much drew security to center stage, with President Obama commenting that “this notion that somehow our data is different and can be walled off from those other tradeoffs we make I believe is incorrect.”

While much of the crowd seemed to side with Apple on the issue, iPhone app developers on both sides of the issue can agree that security is more important than ever for mobile users.

Transit encryption

Even if a chat app doesn’t encrypt the messages themselves, it’s critical that any process generating user accounts (usernames, passwords, etc.) takes place under the strongest protection possible. Generally, this means using some form of HTTPS or SSL/TLS to make it impossible for hackers to access your servers fraudulently.

PINs for mobile and two-factor for desktop

Any app that handles financial or health information should require a PIN to enter on mobile. User’s don’t always have PINs on their phone, so the protection an iPhone app developer places on the individual app may be the only thing keeping a thief away from your users bank accounts.

Additionally, multi-platform apps that offer web access can offer two-factor authentication (meaning that a PIN texted to mobile is required to sign in from an unrecognized device). This is particularly important for apps that are daisy-chained to other accounts like Facebook or Google.

OAuth API security

Finally, the automated nature of APIs make them a common point of attack for app developers on both mobile and desktop. OAuth allows secure authorization to make sure that unrecognized devices don’t access APIs, as well as creating time-sensitive access tokens.

Trust gains users

There’s a tendency among some iPhone app developers to shrug their shoulders about “time-consuming” security features like those above. And that’s too bad, because all it takes is one data breach to erode user confidence.

The national debate about encryption and security is making users more technically savvy about protecting their data than ever before. iPhone app developers who meet the demand for security are sure to be rewarded in the long term.